last sync: 2024-Jun-13 18:14:14 UTC

[Deprecated]: Unattached disks should be encrypted

Azure BuiltIn Policy definition

Source Azure Portal
Display name [Deprecated]: Unattached disks should be encrypted
Id 2c89a2e5-7285-40fe-afe0-ae8654b92fb2
Version 1.0.0-deprecated
Details on versioning
Category Compute
Microsoft Learn
Description This policy audits any unattached disk without encryption enabled.
Mode Indexed
Type BuiltIn
Preview False
Deprecated True
Effect Default
Audit
Allowed
Audit, Disabled
RBAC role(s) none
Rule aliases IF (2)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Compute/disks/diskState Microsoft.Compute disks properties.diskState false
Microsoft.Compute/disks/encryptionSettingsCollection.enabled Microsoft.Compute disks properties.encryptionSettingsCollection.enabled true
Rule resource types IF (1)
Microsoft.Compute/disks
Compliance
The following 1 compliance controls are associated with this Policy definition '[Deprecated]: Unattached disks should be encrypted' (2c89a2e5-7285-40fe-afe0-ae8654b92fb2)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
Azure_Security_Benchmark_v1.0 4.8 Azure_Security_Benchmark_v1.0_4.8 Azure Security Benchmark 4.8 Data Protection Encrypt sensitive information at rest Customer Use encryption at rest on all Azure resources. Microsoft recommends allowing Azure to manage your encryption keys, however there is the option for you to manage your own keys in some instances. Understand encryption at rest in Azure: https://docs.microsoft.com/azure/security/fundamentals/encryption-atrest How to configure customer managed encryption keys: https://docs.microsoft.com/azure/storage/common/storage-encryption-keys-portal n/a link 7
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Deprecated]: Azure Security Benchmark v1 42a694ed-f65e-42b2-aa9e-8052e9740a92 Regulatory Compliance Deprecated BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2021-10-19 19:10:32 change Version remains equal, new suffix: deprecated (1.0.0 > 1.0.0-deprecated)
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC